05 October 2015

Remote Administration Using PSTools

PSTools is one of the most useful suites of applications out there for a network administrator. The toolkit consists of several command line applications that allow you to perform remote administrative functions such as interrogate processes and services. Below is a list of my favorite tools and how I use them on a daily basis. Please note that you require administrative privileges on the remote system to be able to use these tools.

pslist

pslist allows you to get a list of the running processes on a remote system. I use this to see if users are running a particular process that I want to kill on their machine or not. It can be useful to troubleshoot certain issues or just determine if a user is running a specific application on their machine.

pslist examples

get a list of all the process on the machine:

pslist \\computername

get a list of all the processes starting with i

pslist \\computername i

pskill

pskill allows you to kill a process on a remote machine. This is particularly useful if you have a user who is running an application that they shouldn't and you want to shut it down remotely without them noticing it was you or if there is a non-responsive app on a remote computer for instance I have found that adobe acrobat reader often leaves instances running in the background and consumes user resources.

pskill examples

Kill iTunes on the remote computer

pskill \\computername itunes.exe

psexec

psexec allows you to remotely execute an application on a machine. This is useful to run remote scripted installs.

psexec examples

Open notepad on the remote computer (may not be visible to logged on user)

psexec \\computername notepad.exe

Copy the batch file to the remote computer and execute it. Batch file will map a network drive and call an installer.

psexec \\computername -C remote_install.bat

psloggedon

psloggedon gives you a list of all the users logged onto a remote computer. This is a great way to tell who is loggedon to a machine so you can phone them up and ask them why they are running a game you just noticed using pslist.